2
0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 05:47:59 +00:00

abstractions/fonts: don't allow write of fontconfig cache files

879531b36ec3dfc7f9b72475c68c30e4f4b7b6af changed access for
@{HOME}/.{,cache/}fontconfig/** to include 'w'rite. Fontconfig has been
a source of CVEs. Confined applications should absolutely have read
access, but write access could lead to breaking out of the sandbox if a
confined application can write a malformed font cache file since
unconfined applications could then pick them up and be controlled via
the malformed cache. The breakout is dependent on the fontconfig
vulnerability, but this is the sort of thing AppArmor is meant to help
guard against.
This commit is contained in:
Jamie Strandboge 2019-09-09 15:48:05 -05:00
parent 33c5f61c75
commit c5968c70d0

View File

@ -45,7 +45,7 @@
owner @{HOME}/.local/share/fonts/** r,
owner @{HOME}/.fonts.cache-2 mr,
owner @{HOME}/.{,cache/}fontconfig/ rw,
owner @{HOME}/.{,cache/}fontconfig/** mrwl,
owner @{HOME}/.{,cache/}fontconfig/** mrl,
owner @{HOME}/.fonts.conf.d/ r,
owner @{HOME}/.fonts.conf.d/** r,
owner @{HOME}/.config/fontconfig/ r,